Bug 1322111

Summary: RFC: ps can display misleading wchan data
Product: Red Hat Enterprise Linux 6 Reporter: Paulo Andrade <pandrade>
Component: procpsAssignee: Jan Rybar <jrybar>
Status: CLOSED ERRATA QA Contact: David Jež <djez>
Severity: medium Docs Contact: Lenka Kimlickova <lkimlick>
Priority: medium    
Version: 6.6CC: albert, bnater
Target Milestone: rcKeywords: Patch, Upstream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: procps-3.2.8-43.el6 Doc Type: Bug Fix
Doc Text:
"ps" no longer removes *do_* and *sys_* prefixes Prior to this update, the "ps" command removed *do_* and *sys_* prefixes from the wait channel name when the "wchan" format option was used. As a conseqence, this caused ambiguities in some kernel function names. The bug has been fixed, and as a result the "ps" command no longer removes *do_* and *sys_* prefixes.
Story Points: ---
Clone Of:
: 1373246 (view as bug list) Environment:
Last Closed: 2017-03-21 11:40:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1269194, 1356047, 1359260, 1373246    
Attachments:
Description Flags
wchan info stripping removed none

Description Paulo Andrade 2016-03-29 20:24:02 UTC
procps and procps-ng in rhel7 apparently try to output a
"prettier" output for the wchan data.

  The code basically does this:

proc/ksym.c:read_wchan() and lookup_wchan() (but the later
should not be used)
[...]
  if(*ret=='.') ret++;
  switch(*ret){
    case 's': if(!strncmp(ret, "sys_", 4)) ret += 4;   break;
    case 'd': if(!strncmp(ret, "do_",  3)) ret += 3;   break;
    case '_': while(*ret=='_') ret++;                  break;
  }
[...]

  The problem is that there are common cases where stripping
the "do_" or "sys_" may cause one to think that it is referring
to a completely different code.
  The /proc/$pid/wchan contents are still correct.

  This is a RFC because if outputting the /proc/$pid/wchan
contents, while "truly" correct, most likely would print
mostly "do_" and "sys_" strings in a 6 characters field,
unless using options to print in a larger column.

  Maybe there could be a flag to not remove the prefix if
"-o wchan" is passed in the command line.

Comment 2 Jan Rybar 2016-07-20 15:33:20 UTC
Hello Paulo,
I don't understand "completely different code" in "...may cause one to think that it is referring to a completely different code."

Can you please be more verbose what ambiguity this part of lookup_wchan() might cause?

I listed all occurrences of "sys_" and "do_" in all wchan files in /proc and I didn't encounter anything suspicious. Tried on RHEL6 and RHEL7.

Comment 3 Paulo Andrade 2016-07-20 16:28:01 UTC
  Hi Jan,

  The comment was due the reason the bug report was opened,
where ps was showing "get_write_access", that is a generic
function in the VFS layer, that locks an inode, while it
actually was in "do_get_write_access", that is a jbd2
function.
  Part of the problem is that there is no real rules about
function naming, that would say that "sys_" is a prefix for
syscalls, or "do_" is an actual implementation of a syscall.

Comment 4 Jan Rybar 2016-07-20 16:50:40 UTC
Thank you Paulo,

this looks like a good proposal to discuss with upstream.

Comment 12 Jan Rybar 2016-11-23 13:12:08 UTC
Created attachment 1223222 [details]
wchan info stripping removed

Introduced new better patch to fix the issue and stay aligned with upstream. Stripping prefixed from wchan data was removed, since it led to ambiguities and the purpose of the feature is untraceable.

Comment 15 Jan Rybar 2017-01-03 14:15:24 UTC
Doc note:
Since stripping of "do_" and "sys_" was removed completely, formerly proposed "wchanf" option was discarded (no longer needed). This is aligned with upstream.

Comment 17 errata-xmlrpc 2017-03-21 11:40:09 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0769.html